The Rising Cost of Data Breach

October 28, 2015

cost of a data breach

IBM and the Poneman Institute released a global study in January that said the average total cost of a data breach has increased 23 percent in the last two years, up to $3.79 million.

The same study showed that the average cost paid by organizations for each lost or stolen record containing confidential information rose from $145 in 2014 to $154 in 2015. The largest increase was seen in the retail industry, where the average cost increased from $105 in 2013 to $165 in 2014.

The Cost of a Data Breach is Increasing

As today’s world becomes more and more digital, with so much sensitive data stored on drives of all sorts, optical media, cell phones, and various other forms of office equipment, there’s every reason to believe that the cost of a data breach is only going to rise over the next several years.

It’s important to know that just because a piece of technology no longer works, doesn’t mean that the information on it is no longer accessible. In fact, without destruction, most of it is pretty easily retrieved by someone who knows what they’re doing.

In 2003 researchers at MIT were able to recover 92.4 percent of sensitive information from 158 used hard drives. That sensitive information included not only corporate information, but names and contact information, emails, credit card numbers, social security numbers and medical records.

Security measures have improved dramatically since MIT’s study, and organizations have embraced the value of hiring Technology Asset Disposal Companies. While security has improved, so have hackers and data thieves. If you think that black markets where stolen information is sold only exist on TV shows and in the movies, you’ve got your head in the sand.

The following numbers should scare you a little bit: 80 percent of corporate desktops and laptops contain sensitive data. When it comes to IT personnel, only 34 percent have a secure process for hard drive destruction.

There’s far too much on the line, both monetarily and legally, for organizations not to hire experts to dispose of their technology assets when the time comes to refresh or upgrade. Avoid the rising costs of any kind of information breach by hiring an expert and trustworthy data destruction organization.

15 Million T-Mobile Customers’ Data Exposed | T-Mobile Data Breach in 2015

October 23, 2015

t-mobile data breach

On October 1, it was announced that approximately 15 million T-Mobile customers were impacted by a T-Mobile data breach at credit agency Experian PLC, the latest major leak of confidential data to hit corporate America.

The exposed data included names, addresses, birth dates and encrypted Social Security numbers, driver’s license or passport numbers for customers who might have applied for T-Mobile cell service between Sept. 1, 2013 and Sept. 16, 2015.

T-Mobile said the T-Mobile data breach was discovered on September 15 and included information on millions of their subscribers, former customers and people who applied for service or device financing at the wireless carrier over the last two years.

“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian,” T-Mobile CEO John Legere said. “I take our customer and prospective customer privacy VERY seriously.”

Experian is one of the three major American credit bureaus, along with Equifax and TransUnion, that affect, if not touch every American with a credit card or cell phone.

There is no evidence yet that any breached information has been inappropriately used and Experian is notifying the individuals who may have been affected. They are also offering free credit monitoring and identity resolution services for two years to affected customers.

Hackers typically put this type of information up for sale on black markets, where large data bases of information are aggregated and sold to identity thieves. A stolen identity can lead to stolen tax refunds, ruined credit and worse.

T-Mobile is in the process of reaching out to people who may be impacted by the T-Mobile data breach.

Here are four steps to take if you are ever afraid your personal data has been breached. All four steps can be done by calling each of the three credit bureaus (Experian: 1-888-397-3742, Equifax: 1-800-525-6285, and TransUnion: 1-800-680-7289).

  1. Monitor your credit reports. You are entitled to one free credit report every 12 months from each of the three credit bureaus.
  2. Consider placing a “fraud alert” with each of the three credit bureaus. An alert doesn’t block potential new credit, but places a comment on your history. Creditors should contact you prior to opening a new account.
  3. Consider placing a “security freeze” with each of the three credit bureaus to prohibit the release of any information from your reports. A security freeze can help prevent identity theft since most businesses won’t open credit accounts without checking a consumer’s credit history first.
  4. Beware of unsolicited calls or emails offering credit monitoring or identity theft services. Never provide your Social Security number, credit card numbers, or other personal information in response to unsolicited emails or calls.

Where Does Your E-Waste End Up?

October 8, 2015

e-waste

50 million tons of e-waste is dumped into landfills worldwide every year.

That’s a huge number, but it only represents two percent of what is dumped each year. That two percent of e-waste, however, makes up 70 percent of the toxic waste in landfills. According to Popular Science, when electronics start to break down, they release the metals and chemicals inside them, including lead, which has been linked to a myriad of health issues.

E-Waste: What You Can Do About It

It’s obvious that more and more organizations are in need of a technology asset disposal company that responsibly recycles their technology. Maxxum is an industry leader in technology asset disposal because we won’t let our clients be compromised.

In fact, Maxxum has a zero landfill policy. We’re committed to responsible, domestic recycling of technology assets — in the best interest of the environment and your business.

At Maxxum, we believe that retiring technology assets shouldn’t mean risking an environmental breach. We’re committed to smart, strategic partnerships with our clients. We stay up-to-date on laws and regulations regarding environmental responsibility. We develop and support industry best practices in compliance, recycling and reporting.

In order to track what happens to your recycled technology from start to finish, Maxxum executes the following for every client:

  • Provides a Certificate of Electronic Equipment Destruction (CEED) that includes serial number, type, date, and our downstream recycle partner
  • Thoroughly vets our downstream recycling partners for compliance with our strict standards
  • Provides current copies of EPA licenses for all recycling partners
  • Reduces end-of-life assets to their smallest component parts and material types
  • Engages domestic recycling partners who utilize the most eco-friendly processes

It’s this attention to detail and accountability that makes Maxxum a leader in the field.

Data Protection | Dont’ Let Your Data Fall Into the Wrong Hands

October 1, 2015

data protection

Class-action lawsuits, crippling financial penalties, tarnished reputations and even jail time are some of the repercussions that can stem from information falling into the wrong hands and the lack of data protection.

If you think your organization is immune to a data breach, you’re wrong.

Early next year the movie, Snowden, will be released, detailing the story of Edward Snowden, an American computer professional who leaked classified information from the National Security Agency (NSA) to the British daily newspaper, The Guardian, in 2013.

If the NSA can be compromised, that probably means every organization has some type of vulnerability. There are, however, precautions that can be taken.

One particular point of vulnerability for every organization is when they refresh their technology assets. Just because new technology has entered the building, that doesn’t mean that you’re no longer responsible for the data on the technology that is being disposed of.

The best way to ensure that your data doesn’t fall into the wrong hands is to hire a trustworthy, dependable Technology Asset Disposal firm like Maxxum.

Data Protection Made Easy

Demand certified drive sanitization and destruction. Maxxum creates a smart, strategic partnership with each client. We will help your organization build a comprehensive and cost-effective risk-management program. This program eliminates potential data and environmental breaches and offers a secure, documented chain of custody that mitigates liability.

Maxxum utilizes best practices for sanitization of digitally stored information, meeting the NIST (National Institute of Standards and Technology) standard, also adopted by the Department of Defense.

Our comprehensive documentation and certification includes:

  • Asset receipt reporting provided by Maxxum’s technology center
  • Certification of data destruction by serial number of the host machine and drives
  • Drive sanitization date and method used

If you need physical destruction of your drives to ensure data protection, Maxxum can help. We offer certified and documented physical destruction that shields you and your company.

Technology breaches are happening to organizations big and small. If you’re not being diligent about where your data ends up, it can fall into the wrong hands. Ensure data protection and turn your used technology over to Maxxum; it will be disposed of properly.

5 Best Practices for Technology Asset Disposal

asset disposal

If you’re a little wary about the best way to manage technology asset disposal these days, you’re not alone. While security breaches have been featured in some of the biggest headlines over the last few years, the number of companies that have been hit with criminal and civil penalties, as well as executive fines and even incarceration, is alarming.

As technology continues to advance at a high rate, organizations are now experiencing a more involved process when disposing of their technology equipment. Moreover, smart organizations are finding qualified, trusted, Technology Asset Disposal companies to manage this complicated process.

Technology Asset Disposal – the Right Way

Here are five best practices any Technology Asset Disposal company should provide for their clients:

1. Data Destruction

You might be finished with your storage drive, but that doesn’t mean that the data is gone. You may be vulnerable to legal ramifications if you don’t dispose of your data and drive assets properly. If you’re sensitive data leaks, you’ll have to answer to the law and your customers. Demand certified drive sanitation or destruction.

2. Equipment Remarketing

Technology assets (such as PCs, laptops, and servers) that are less than three to four years old have resale value. A disposal company should work to recoup that value on your behalf through a variety of remarketing channels. Re-selling, selling to employees or donating to schools or foundations are all ways to get value back from your old technology.

3. Equipment Recycling

A Certificate of Electronic Equipment Destruction (CEED) should be provided for all recycled technology assets. Having documentation that demonstrates or certifies that your company took the proper steps can save you from penalties down the line.

4. Compliance Reporting

Detailed documentation makes it easy to prove compliance with all laws and regulations. With so many government agencies tasked with oversights (HIPPA, PCI, SOX, FCC, FDA, etc.), an asset disposal company needs to provide a detailed audit trail to prove compliance.

5. Policy and Program Development

If your company is not sure how to start developing a compliant technology asset disposal program, you are not alone. A strong and reliable technology asset disposal company should be your guide through the process.